Logo
CliftonLarsonAllen

Senior Application Security Analyst

CliftonLarsonAllen, Dallas, Texas, United States, 75215


Job Description CLA is a top 10 national professional services firm where

our purpose is to

create opportunities

every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you.

CLA is dedicated to building a culture that invites different beliefs and perspectives to the table, so we can truly know and help our clients, communities, and each other.Our Perks:Flexible PTO (designed to offer flexible time away for you!)Up to 12 weeks paid parental leavePaid Volunteer Time OffMental health coverageQuarterly Wellness stipendFertility benefitsComplete list of benefits hereCLA is growing and seeking to hire an experienced

Senior Application Security Analyst

to join our growing Information Technology team. The position offers growth, flexibility and a collaborative work environment.In this position you will:

Work closely with the Manager of Application Security and the Cloud Security Architect to build a holistic view of the overall security posture for the firm. The focus of the position is to assist in the creation, endorsement, and utilization of technical best practice security architecture that guides the Firm through securing acquisition, building, modifying, and interfacing IT resources throughout the organization with an emphasis on cloud-based services. This role is a hands-on position who supports the Cloud Security Architect and Manager of Application Security by assisting in the creation and implementation of best practice documents, security architecture drawings, providing both level 3 and 4 support, and participating and occasionally leading technical projects that span across all IT teams.How you'll

create opportunities

in this Senior Application Security Analyst role:Business Solutions

Supporting role to the Manager of Application Security, Cloud Security Architect, Business Analysts, and Technical Leads on strategic IT projects. Reviews project documentation, research and references security policy, renders recommendations and guidance, approves or rejects project artifacts from a security perspective, and performs other tasks in the pursuit of securing systems, processes, and software applications. This role will often interface with IT peers, IT Leadership and Business Relationship Managers to understand, design, and improve cybersecurity, as it relates to IT security and various CLA Service Lines. They must be able to communicate effectively to target audiences across both the business and technical stakeholders to ensure consistent messaging. They assist the project managers in the creation and documentation of project requirements while ensuring the secure design principles are met. This role works with the CLA technical teams to forecast and roadmap technologies, developing strategic plans from which security standards can be established and enforced. Assesses requirements and translates them into secure system guidelines and high-level technical requirements.Technical Team Initiatives

Guide and counsel technical teams, with guidance from the Manager of Application Security and Cloud Security Architect, in performing implementation activities, and review implementation outcomes, to ensure secure design compliance. They will have involvement in the Firm's Software Development Life Cycle (SDLC) process and ensure all applications and services are built and sustained with security and compliance by design. Other responsibilities include validating controls for Encryption, Access Control, Web Application Vulnerability Detection, OWASP top 10 and other common web application security parameters. Provides peer review of technology initiatives. Creates documentation around security initiatives as required. Provides small scale project management services, including the facilitation of web application penetration tests with outside vendors. Facilitates developer security champion program with support from Cloud Security Architect and Manager of Application Security.What you will need:

4 years of general IT experience required, 2 of which are with security of IT systems and security design/strategy.3 years of modern application development experience required, including exposure and familiarity with CI/CD practices, and versioning methodologies leveraging Git fundamentals (ADO, GitHub).2 years' experience preferred in secure coding tools, including SAST/SCA/DAST"Bachelor's degree is required. Combination of relevant experience, education, and training may be accepted in lieu of degree.#LI-JH1Equal Opportunity Employer /AA Employer/Minorities/Women/Protected Veterans/Individuals with Disabilities.

Click here to learn about your hiring rights.Wellness at CLATo support our CLA family members, we focus on their physical, financial, social, and emotional well-being and offer comprehensive benefit options that include health, dental, vision, 401k and much more.To view a complete list of benefits click here.